Navigation

Table Of Contents

  1. Docs
  2. Available Services
  3. AccessAnalyzer

AccessAnalyzer

Table of Contents

Client

class AccessAnalyzer.Client

A low-level client representing Access Analyzer:

import boto3

client = boto3.client('accessanalyzer')

These are the available methods:

can_paginate(operation_name)

Check if an operation can be paginated.

Parameters
operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Returns
True if the operation can be paginated, False otherwise.
create_analyzer(**kwargs)

Creates an analyzer for your account.

See also: AWS API Documentation

Request Syntax

response = client.create_analyzer(
    analyzerName='string',
    archiveRules=[
        {
            'filter': {
                'string': {
                    'contains': [
                        'string',
                    ],
                    'eq': [
                        'string',
                    ],
                    'exists': True|False,
                    'neq': [
                        'string',
                    ]
                }
            },
            'ruleName': 'string'
        },
    ],
    clientToken='string',
    tags={
        'string': 'string'
    },
    type='ACCOUNT'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the analyzer to create.

  • archiveRules (list) --

    Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.

    • (dict) --

      An criterion statement in an archive rule. Each archive rule may have multiple criteria.

      • filter (dict) -- [REQUIRED]

        The condition and values for a criterion.

        • (string) --
          • (dict) --

            The criteria to use in the filter that defines the archive rule.

            • contains (list) --

              A "contains" operator to match for the filter used to create the rule.

              • (string) --
            • eq (list) --

              An "equals" operator to match for the filter used to create the rule.

              • (string) --
            • exists (boolean) --

              An "exists" operator to match for the filter used to create the rule.

            • neq (list) --

              A "not equals" operator to match for the filter used to create the rule.

              • (string) --
      • ruleName (string) -- [REQUIRED]

        The name of the rule.

  • clientToken (string) --

    A client token.

    This field is autopopulated if not provided.

  • tags (dict) --

    The tags to apply to the analyzer.

    • (string) --
      • (string) --
  • type (string) --

    [REQUIRED]

    The type of analyzer to create. Only ACCOUNT analyzers are supported. You can create only one analyzer per account per Region.

Return type

dict

Returns

Response Syntax

{
    'arn': 'string'
}

Response Structure

  • (dict) --

    The response to the request to create an analyzer.

    • arn (string) --

      The ARN of the analyzer that was created by the request.

create_archive_rule(**kwargs)

Creates an archive rule for the specified analyzer. Archive rules automatically archive findings that meet the criteria you define when you create the rule.

See also: AWS API Documentation

Request Syntax

response = client.create_archive_rule(
    analyzerName='string',
    clientToken='string',
    filter={
        'string': {
            'contains': [
                'string',
            ],
            'eq': [
                'string',
            ],
            'exists': True|False,
            'neq': [
                'string',
            ]
        }
    },
    ruleName='string'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the created analyzer.

  • clientToken (string) --

    A client token.

    This field is autopopulated if not provided.

  • filter (dict) --

    [REQUIRED]

    The criteria for the rule.

    • (string) --
      • (dict) --

        The criteria to use in the filter that defines the archive rule.

        • contains (list) --

          A "contains" operator to match for the filter used to create the rule.

          • (string) --
        • eq (list) --

          An "equals" operator to match for the filter used to create the rule.

          • (string) --
        • exists (boolean) --

          An "exists" operator to match for the filter used to create the rule.

        • neq (list) --

          A "not equals" operator to match for the filter used to create the rule.

          • (string) --
  • ruleName (string) --

    [REQUIRED]

    The name of the rule to create.

Returns

None

delete_analyzer(**kwargs)

Deletes the specified analyzer. When you delete an analyzer, Access Analyzer is disabled for the account in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.

See also: AWS API Documentation

Request Syntax

response = client.delete_analyzer(
    analyzerName='string',
    clientToken='string'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the analyzer to delete.

  • clientToken (string) --

    A client token.

    This field is autopopulated if not provided.

Returns

None

delete_archive_rule(**kwargs)

Deletes the specified archive rule.

See also: AWS API Documentation

Request Syntax

response = client.delete_archive_rule(
    analyzerName='string',
    clientToken='string',
    ruleName='string'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the analyzer that associated with the archive rule to delete.

  • clientToken (string) --

    A client token.

    This field is autopopulated if not provided.

  • ruleName (string) --

    [REQUIRED]

    The name of the rule to delete.

Returns

None

generate_presigned_url(ClientMethod, Params=None, ExpiresIn=3600, HttpMethod=None)

Generate a presigned url given a client, its method, and arguments

Parameters
  • ClientMethod (string) -- The client method to presign for
  • Params (dict) -- The parameters normally passed to ClientMethod.
  • ExpiresIn (int) -- The number of seconds the presigned url is valid for. By default it expires in an hour (3600 seconds)
  • HttpMethod (string) -- The http method to use on the generated url. By default, the http method is whatever is used in the method's model.
Returns

The presigned url

get_analyzed_resource(**kwargs)

Retrieves information about a resource that was analyzed.

See also: AWS API Documentation

Request Syntax

response = client.get_analyzed_resource(
    analyzerArn='string',
    resourceArn='string'
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer to retrieve information from.

  • resourceArn (string) --

    [REQUIRED]

    The ARN of the resource to retrieve information about.

Return type

dict

Returns

Response Syntax

{
    'resource': {
        'actions': [
            'string',
        ],
        'analyzedAt': datetime(2015, 1, 1),
        'createdAt': datetime(2015, 1, 1),
        'error': 'string',
        'isPublic': True|False,
        'resourceArn': 'string',
        'resourceType': 'AWS::IAM::Role'|'AWS::KMS::Key'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::S3::Bucket'|'AWS::SQS::Queue',
        'sharedVia': [
            'string',
        ],
        'status': 'ACTIVE'|'ARCHIVED'|'RESOLVED',
        'updatedAt': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    The response to the request.

    • resource (dict) --

      An AnalyedResource object that contains information that Access Analyzer found when it analyzed the resource.

      • actions (list) --

        The actions that an external principal is granted permission to use by the policy that generated the finding.

        • (string) --

      • analyzedAt (datetime) --

        The time at which the resource was analyzed.

      • createdAt (datetime) --

        The time at which the finding was created.

      • error (string) --

        An error message.

      • isPublic (boolean) --

        Indicates whether the policy that generated the finding grants public access to the resource.

      • resourceArn (string) --

        The ARN of the resource that was analyzed.

      • resourceType (string) --

        The type of the resource that was analyzed.

      • sharedVia (list) --

        Indicates how the access that generated the finding is granted.

        • (string) --

      • status (string) --

        The current status of the finding generated from the analyzed resource.

      • updatedAt (datetime) --

        The time at which the finding was updated.

get_analyzer(**kwargs)

Retrieves information about the specified analyzer.

See also: AWS API Documentation

Request Syntax

response = client.get_analyzer(
    analyzerName='string'
)
Parameters
analyzerName (string) --

[REQUIRED]

The name of the analyzer retrieved.

Return type
dict
Returns
Response Syntax
{
    'analyzer': {
        'arn': 'string',
        'createdAt': datetime(2015, 1, 1),
        'lastResourceAnalyzed': 'string',
        'lastResourceAnalyzedAt': datetime(2015, 1, 1),
        'name': 'string',
        'tags': {
            'string': 'string'
        },
        'type': 'ACCOUNT'
    }
}

Response Structure

  • (dict) --

    The response to the request.

    • analyzer (dict) --

      An AnalyzerSummary object that contains information about the analyzer.

      • arn (string) --

        The ARN of the analyzer.

      • createdAt (datetime) --

        A timestamp for the time at which the analyzer was created.

      • lastResourceAnalyzed (string) --

        The resource that was most recently analyzed by the analyzer.

      • lastResourceAnalyzedAt (datetime) --

        The time at which the most recently analyzed resource was analyzed.

      • name (string) --

        The name of the analyzer.

      • tags (dict) --

        The tags added to the analyzer.

        • (string) --
          • (string) --
      • type (string) --

        The type of analyzer, which corresponds to the zone of trust chosen for the analyzer.

get_archive_rule(**kwargs)

Retrieves information about an archive rule.

See also: AWS API Documentation

Request Syntax

response = client.get_archive_rule(
    analyzerName='string',
    ruleName='string'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the analyzer to retrieve rules from.

  • ruleName (string) --

    [REQUIRED]

    The name of the rule to retrieve.

Return type

dict

Returns

Response Syntax

{
    'archiveRule': {
        'createdAt': datetime(2015, 1, 1),
        'filter': {
            'string': {
                'contains': [
                    'string',
                ],
                'eq': [
                    'string',
                ],
                'exists': True|False,
                'neq': [
                    'string',
                ]
            }
        },
        'ruleName': 'string',
        'updatedAt': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    The response to the request.

    • archiveRule (dict) --

      Contains information about an archive rule.

      • createdAt (datetime) --

        The time at which the archive rule was created.

      • filter (dict) --

        A filter used to define the archive rule.

        • (string) --

          • (dict) --

            The criteria to use in the filter that defines the archive rule.

            • contains (list) --

              A "contains" operator to match for the filter used to create the rule.

              • (string) --

            • eq (list) --

              An "equals" operator to match for the filter used to create the rule.

              • (string) --

            • exists (boolean) --

              An "exists" operator to match for the filter used to create the rule.

            • neq (list) --

              A "not equals" operator to match for the filter used to create the rule.

              • (string) --

      • ruleName (string) --

        The name of the archive rule.

      • updatedAt (datetime) --

        The time at which the archive rule was last updated.

get_finding(**kwargs)

Retrieves information about the specified finding.

See also: AWS API Documentation

Request Syntax

response = client.get_finding(
    analyzerArn='string',
    id='string'
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer that generated the finding.

  • id (string) --

    [REQUIRED]

    The ID of the finding to retrieve.

Return type

dict

Returns

Response Syntax

{
    'finding': {
        'action': [
            'string',
        ],
        'analyzedAt': datetime(2015, 1, 1),
        'condition': {
            'string': 'string'
        },
        'createdAt': datetime(2015, 1, 1),
        'error': 'string',
        'id': 'string',
        'isPublic': True|False,
        'principal': {
            'string': 'string'
        },
        'resource': 'string',
        'resourceType': 'AWS::IAM::Role'|'AWS::KMS::Key'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::S3::Bucket'|'AWS::SQS::Queue',
        'status': 'ACTIVE'|'ARCHIVED'|'RESOLVED',
        'updatedAt': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    The response to the request.

    • finding (dict) --

      A finding object that contains finding details.

      • action (list) --

        The action in the analyzed policy statement that an external principal has permission to use.

        • (string) --

      • analyzedAt (datetime) --

        The time at which the resource was analyzed.

      • condition (dict) --

        The condition in the analyzed policy statement that resulted in a finding.

        • (string) --
          • (string) --

      • createdAt (datetime) --

        The time at which the finding was generated.

      • error (string) --

        An error.

      • id (string) --

        The ID of the finding.

      • isPublic (boolean) --

        Indicates whether the policy that generated the finding allows public access to the resource.

      • principal (dict) --

        The external principal that access to a resource within the zone of trust.

        • (string) --
          • (string) --

      • resource (string) --

        The resource that an external principal has access to.

      • resourceType (string) --

        The type of the resource reported in the finding.

      • status (string) --

        The current status of the finding.

      • updatedAt (datetime) --

        The time at which the finding was updated.

get_paginator(operation_name)

Create a paginator for an operation.

Parameters
operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Raises OperationNotPageableError
Raised if the operation is not pageable. You can use the client.can_paginate method to check if an operation is pageable.
Return type
L{botocore.paginate.Paginator}
Returns
A paginator object.
get_waiter(waiter_name)

Returns an object that can wait for some condition.

Parameters
waiter_name (str) -- The name of the waiter to get. See the waiters section of the service docs for a list of available waiters.
Returns
The specified waiter object.
Return type
botocore.waiter.Waiter
list_analyzed_resources(**kwargs)

Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer..

See also: AWS API Documentation

Request Syntax

response = client.list_analyzed_resources(
    analyzerArn='string',
    maxResults=123,
    nextToken='string',
    resourceType='AWS::IAM::Role'|'AWS::KMS::Key'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::S3::Bucket'|'AWS::SQS::Queue'
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer to retrieve a list of analyzed resources from.

  • maxResults (integer) -- The maximum number of results to return in the response.
  • nextToken (string) -- A token used for pagination of results returned.
  • resourceType (string) -- The type of resource.
Return type

dict

Returns

Response Syntax

{
    'analyzedResources': [
        {
            'resourceArn': 'string',
            'resourceType': 'AWS::IAM::Role'|'AWS::KMS::Key'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::S3::Bucket'|'AWS::SQS::Queue'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    The response to the request.

    • analyzedResources (list) --

      A list of resources that were analyzed.

      • (dict) --

        Contains the ARN of the analyzed resource.

        • resourceArn (string) --

          The ARN of the analyzed resource.

        • resourceType (string) --

          The type of resource that was analyzed.

    • nextToken (string) --

      A token used for pagination of results returned.

list_analyzers(**kwargs)

Retrieves a list of analyzers.

See also: AWS API Documentation

Request Syntax

response = client.list_analyzers(
    maxResults=123,
    nextToken='string',
    type='ACCOUNT'
)
Parameters
  • maxResults (integer) -- The maximum number of results to return in the response.
  • nextToken (string) -- A token used for pagination of results returned.
  • type (string) -- The type of analyzer.
Return type

dict

Returns

Response Syntax

{
    'analyzers': [
        {
            'arn': 'string',
            'createdAt': datetime(2015, 1, 1),
            'lastResourceAnalyzed': 'string',
            'lastResourceAnalyzedAt': datetime(2015, 1, 1),
            'name': 'string',
            'tags': {
                'string': 'string'
            },
            'type': 'ACCOUNT'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    The response to the request.

    • analyzers (list) --

      The analyzers retrieved.

      • (dict) --

        Contains information about the analyzer.

        • arn (string) --

          The ARN of the analyzer.

        • createdAt (datetime) --

          A timestamp for the time at which the analyzer was created.

        • lastResourceAnalyzed (string) --

          The resource that was most recently analyzed by the analyzer.

        • lastResourceAnalyzedAt (datetime) --

          The time at which the most recently analyzed resource was analyzed.

        • name (string) --

          The name of the analyzer.

        • tags (dict) --

          The tags added to the analyzer.

          • (string) --
            • (string) --

        • type (string) --

          The type of analyzer, which corresponds to the zone of trust chosen for the analyzer.

    • nextToken (string) --

      A token used for pagination of results returned.

list_archive_rules(**kwargs)

Retrieves a list of archive rules created for the specified analyzer.

See also: AWS API Documentation

Request Syntax

response = client.list_archive_rules(
    analyzerName='string',
    maxResults=123,
    nextToken='string'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the analyzer to retrieve rules from.

  • maxResults (integer) -- The maximum number of results to return in the request.
  • nextToken (string) -- A token used for pagination of results returned.
Return type

dict

Returns

Response Syntax

{
    'archiveRules': [
        {
            'createdAt': datetime(2015, 1, 1),
            'filter': {
                'string': {
                    'contains': [
                        'string',
                    ],
                    'eq': [
                        'string',
                    ],
                    'exists': True|False,
                    'neq': [
                        'string',
                    ]
                }
            },
            'ruleName': 'string',
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    The response to the request.

    • archiveRules (list) --

      A list of archive rules created for the specified analyzer.

      • (dict) --

        Contains information about an archive rule.

        • createdAt (datetime) --

          The time at which the archive rule was created.

        • filter (dict) --

          A filter used to define the archive rule.

          • (string) --

            • (dict) --

              The criteria to use in the filter that defines the archive rule.

              • contains (list) --

                A "contains" operator to match for the filter used to create the rule.

                • (string) --

              • eq (list) --

                An "equals" operator to match for the filter used to create the rule.

                • (string) --

              • exists (boolean) --

                An "exists" operator to match for the filter used to create the rule.

              • neq (list) --

                A "not equals" operator to match for the filter used to create the rule.

                • (string) --

        • ruleName (string) --

          The name of the archive rule.

        • updatedAt (datetime) --

          The time at which the archive rule was last updated.

    • nextToken (string) --

      A token used for pagination of results returned.

list_findings(**kwargs)

Retrieves a list of findings generated by the specified analyzer.

See also: AWS API Documentation

Request Syntax

response = client.list_findings(
    analyzerArn='string',
    filter={
        'string': {
            'contains': [
                'string',
            ],
            'eq': [
                'string',
            ],
            'exists': True|False,
            'neq': [
                'string',
            ]
        }
    },
    maxResults=123,
    nextToken='string',
    sort={
        'attributeName': 'string',
        'orderBy': 'ASC'|'DESC'
    }
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer to retrieve findings from.

  • filter (dict) --

    A filter to match for the findings to return.

    • (string) --
      • (dict) --

        The criteria to use in the filter that defines the archive rule.

        • contains (list) --

          A "contains" operator to match for the filter used to create the rule.

          • (string) --
        • eq (list) --

          An "equals" operator to match for the filter used to create the rule.

          • (string) --
        • exists (boolean) --

          An "exists" operator to match for the filter used to create the rule.

        • neq (list) --

          A "not equals" operator to match for the filter used to create the rule.

          • (string) --
  • maxResults (integer) -- The maximum number of results to return in the response.
  • nextToken (string) -- A token used for pagination of results returned.
  • sort (dict) --

    The sort order for the findings returned.

    • attributeName (string) --

      The name of the attribute to sort on.

    • orderBy (string) --

      The sort order, ascending or descending.

Return type

dict

Returns

Response Syntax

{
    'findings': [
        {
            'action': [
                'string',
            ],
            'analyzedAt': datetime(2015, 1, 1),
            'condition': {
                'string': 'string'
            },
            'createdAt': datetime(2015, 1, 1),
            'error': 'string',
            'id': 'string',
            'isPublic': True|False,
            'principal': {
                'string': 'string'
            },
            'resource': 'string',
            'resourceType': 'AWS::IAM::Role'|'AWS::KMS::Key'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::S3::Bucket'|'AWS::SQS::Queue',
            'status': 'ACTIVE'|'ARCHIVED'|'RESOLVED',
            'updatedAt': datetime(2015, 1, 1)
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    The response to the request.

    • findings (list) --

      A list of findings retrieved from the analyzer that match the filter criteria specified, if any.

      • (dict) --

        Contains information about a finding.

        • action (list) --

          The action in the analyzed policy statement that an external principal has permission to use.

          • (string) --

        • analyzedAt (datetime) --

          The time at which the resource-based policy that generated the finding was analyzed.

        • condition (dict) --

          The condition in the analyzed policy statement that resulted in a finding.

          • (string) --
            • (string) --

        • createdAt (datetime) --

          The time at which the finding was created.

        • error (string) --

          The error that resulted in an Error finding.

        • id (string) --

          The ID of the finding.

        • isPublic (boolean) --

          Indicates whether the finding reports a resource that has a policy that allows public access.

        • principal (dict) --

          The external principal that has access to a resource within the zone of trust.

          • (string) --
            • (string) --

        • resource (string) --

          The resource that the external principal has access to.

        • resourceType (string) --

          The type of the resource that the external principal has access to.

        • status (string) --

          The status of the finding.

        • updatedAt (datetime) --

          The time at which the finding was most recently updated.

    • nextToken (string) --

      A token used for pagination of results returned.

list_tags_for_resource(**kwargs)

Retrieves a list of tags applied to the specified resource.

See also: AWS API Documentation

Request Syntax

response = client.list_tags_for_resource(
    resourceArn='string'
)
Parameters
resourceArn (string) --

[REQUIRED]

The ARN of the resource to retrieve tags from.

Return type
dict
Returns
Response Syntax
{
    'tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    The response to the request.

    • tags (dict) --

      The tags that are applied to the specified resource.

      • (string) --
        • (string) --
start_resource_scan(**kwargs)

Immediately starts a scan of the policies applied to the specified resource.

See also: AWS API Documentation

Request Syntax

response = client.start_resource_scan(
    analyzerArn='string',
    resourceArn='string'
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer to use to scan the policies applied to the specified resource.

  • resourceArn (string) --

    [REQUIRED]

    The ARN of the resource to scan.

Returns

None

tag_resource(**kwargs)

Adds a tag to the specified resource.

See also: AWS API Documentation

Request Syntax

response = client.tag_resource(
    resourceArn='string',
    tags={
        'string': 'string'
    }
)
Parameters
  • resourceArn (string) --

    [REQUIRED]

    The ARN of the resource to add the tag to.

  • tags (dict) --

    [REQUIRED]

    The tags to add to the resource.

    • (string) --
      • (string) --
Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

    The response to the request.

untag_resource(**kwargs)

Removes a tag from the specified resource.

See also: AWS API Documentation

Request Syntax

response = client.untag_resource(
    resourceArn='string',
    tagKeys=[
        'string',
    ]
)
Parameters
  • resourceArn (string) --

    [REQUIRED]

    The ARN of the resource to remove the tag from.

  • tagKeys (list) --

    [REQUIRED]

    The key for the tag to add.

    • (string) --
Return type

dict

Returns

Response Syntax

{}

Response Structure

  • (dict) --

    The response to the request.

update_archive_rule(**kwargs)

Updates the criteria and values for the specified archive rule.

See also: AWS API Documentation

Request Syntax

response = client.update_archive_rule(
    analyzerName='string',
    clientToken='string',
    filter={
        'string': {
            'contains': [
                'string',
            ],
            'eq': [
                'string',
            ],
            'exists': True|False,
            'neq': [
                'string',
            ]
        }
    },
    ruleName='string'
)
Parameters
  • analyzerName (string) --

    [REQUIRED]

    The name of the analyzer to update the archive rules for.

  • clientToken (string) --

    A client token.

    This field is autopopulated if not provided.

  • filter (dict) --

    [REQUIRED]

    A filter to match for the rules to update. Only rules that match the filter are updated.

    • (string) --
      • (dict) --

        The criteria to use in the filter that defines the archive rule.

        • contains (list) --

          A "contains" operator to match for the filter used to create the rule.

          • (string) --
        • eq (list) --

          An "equals" operator to match for the filter used to create the rule.

          • (string) --
        • exists (boolean) --

          An "exists" operator to match for the filter used to create the rule.

        • neq (list) --

          A "not equals" operator to match for the filter used to create the rule.

          • (string) --
  • ruleName (string) --

    [REQUIRED]

    The name of the rule to update.

Returns

None

update_findings(**kwargs)

Updates the status for the specified findings.

See also: AWS API Documentation

Request Syntax

response = client.update_findings(
    analyzerArn='string',
    clientToken='string',
    ids=[
        'string',
    ],
    resourceArn='string',
    status='ACTIVE'|'ARCHIVED'
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer that generated the findings to update.

  • clientToken (string) --

    A client token.

    This field is autopopulated if not provided.

  • ids (list) --

    The IDs of the findings to update.

    • (string) --
  • resourceArn (string) -- The ARN of the resource identified in the finding.
  • status (string) --

    [REQUIRED]

    The state represents the action to take to update the finding Status. Use ARCHIVE to change an Active finding to an Archived finding. Use ACTIVE to change an Archived finding to an Active finding.

Returns

None

Paginators

The available paginators are:

Available Services
ACM

Navigation

© Copyright 2019, Amazon Web Services, Inc. Created using Sphinx.